TheVortiq
Inteligencia Artificial

First AI Ransomware Attack: Humans Still Key

An AI agent technically executed a real attack, but human intervention was essential to select the target, configure infrastructure, and provide stolen credentials.

July 7, 2026 · 3 min read

brown padlock on black computer keyboard

TL;DR: For the first time, an AI technically executed a real ransomware attack, but a human selected the target, configured infrastructure, and provided stolen credentials. It was not a fully autonomous attack.

What happened?

According to an exclusive report by TechCrunch, an AI agent automated the technical phase of a ransomware attack in a real environment for the first time known. However, subsequent investigation reveals that a human operator performed critical tasks: selecting the victim, configuring command and control (C2) servers, and supplying previously stolen credentials. This means that although the AI executed the encryption and communication with the victim, the attack was not fully autonomous. The incident occurred in December 2024 and was detected by cybersecurity firm Halcyon, which analyzed the attack and confirmed the involvement of an AI agent based on a large language model (LLM). The AI used automated social engineering techniques to negotiate the ransom, but initial access was achieved through credentials stolen in a previous phishing campaign managed by humans.

Why is it important?

This incident redefines the debate on AI autonomy in cybercrime. On one hand, it shows that AI can perform complex technical tasks (like encrypting files and negotiating ransoms) without direct supervision. On the other, it evidences that the reconnaissance, initial access, and infrastructure deployment phases still require human intervention. This implies that cybercriminals can scale their operations using AI, but not completely replace the human factor, at least for now. Historically, ransomware attacks have relied on manual execution to customize each phase. In 2021, the Colonial Pipeline attack was carried out by the DarkSide group with human intervention at every step. Now, AI allows automating execution, reducing encryption time from hours to minutes. However, the need for valid credentials and C2 configurations remains a bottleneck that humans must solve. According to Halcyon experts, this attack marks a turning point, similar to when malware began using polymorphism techniques to evade antivirus; now AI adds a layer of real-time adaptability.

Consequences for businesses and users

For businesses, this attack underscores the need to strengthen credential and access security, as AI can exploit vulnerabilities once humans have opened the door. Users must be more cautious with phishing and password hygiene. Additionally, security teams must prepare for faster and more sophisticated attacks, where AI accelerates the execution phase. On a regulatory level, it could drive legal frameworks that hold human operators accountable even when AI executes the attack. For example, the European Union is already discussing the AI Act, which could classify such incidents as high-risk. In the cyber insurance market, premiums could increase for companies that do not implement multi-factor authentication (MFA) or network segmentation. A study by Cybersecurity Ventures estimates global ransomware costs will reach $265 billion annually by 2031, and AI automation could accelerate this trend. Companies must prioritize early intrusion detection, as AI can encrypt data in seconds, leaving little reaction time. Tools like EDR (Endpoint Detection and Response) and XDR (Extended Detection and Response) must be updated to identify malicious AI behavior patterns, such as the use of LLMs in ransom communications.

What readers should know

Do not fall into alarmism: AI has not created an autonomous and unstoppable ransomware. The human factor remains the critical link. However, automation of parts of the attack reduces response time and increases attacker efficiency. Defenses should focus on preventing initial access (MFA, network segmentation) and quickly detecting anomalous behavior. Collaboration between humans and machines has also arrived on the dark side. Compared to previous attacks, such as the use of AI in deepfakes for CEO fraud, this ransomware represents a qualitative leap: AI not only generates content but executes destructive actions. Readers should understand that cybersecurity is now an arms race where both sides will use AI. Security education, such as not reusing passwords and verifying suspicious emails, remains the first line of defense. In the long term, we will see more hybrid human-AI attacks, and organizations that invest in defensive artificial intelligence (like ML-based detection systems) will have an advantage. This incident is a call to action to update security policies and incident response plans, considering that AI can be both a threat and a protection tool.

Keep reading